package com.ycorn.order.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @Author: wujianmin
 * @Date: 2020/4/8 15:09
 * @Function:
 * @Version 1.0
 */
@RestController
@RequestMapping("/order")
public class TestOrderController {

    @GetMapping("/test1")
    @PreAuthorize("hasAuthority('p1')")
    public String test1() {
        return getUserName() + " test1";
    }

    @GetMapping("/test2")
    @PreAuthorize("hasAuthority('p2')")
    public String test2() {
        return getUserName() + " test2";
    }

    @GetMapping("/test3")
    @PreAuthorize("hasAuthority('p3')")
    public String test3() {
        return getUserName() + " test3";
    }

    @GetMapping("/test4")
    @PreAuthorize("hasAuthority('p4')")
    public String test4() {
        return getUserName() + " test4";
    }

    private String getUserName() {
        return (String)SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    }
}
